[ad_1]
The Department of Homeland Security released this weekend a statement in which it supported the denial by Apple and Amazon of an explosive report from Bloomberg Businessweek claiming that a Chinese military unit had inserted microchips into the cards server motherboards of Super Micro Computer Inc. (Supermicro), widely used by American companies. time, we have no reason to doubt the statements of companies cited in history. "
The Bloomberg report claimed that chips, which were the size of a pencil tip and ended up in server cards used by nearly 30 companies, as well as by government agencies, compromised data centers exploited by Amazon and Apple. US investigators found that Chinese agents acting on behalf of the People's Liberation Army had used a combination of subterfuge, bribes and threats to insert compromising chips during the various stages of the war. supermicro supply chain. impossible to detect and access through the backdoor to the systems in which they were implanted.
"I think that according to the methodology of design and manufacture of these pieces, that it is a state actor or even someone else." I do not think it is difficult to inject elements that the brand or design team has not intentionally created. Anna-Katrina Shedletsky, high-tech expert in the manufacturing sector, told Business Insider. "I do not know what to believe, but at the same time, it does not matter, because it's possible, and we have to act as if it's the truth to solve the problem."
Bloomberg's story further alleged that Amazon sold its entire data infrastructure in Beijing to Chinese partners, a source close to the move described as[hacking] ill member "and that Apple has replaced the approximately 7,000 Supermicro servers in its data centers. If that were to be confirmed, the consequences would be enormous – Chinese intelligence would have access to sensitive IT systems, both in the private and defense sectors – but the two tech giants denied:
Amazon and Apple firmly refute this story. Amazon says it's "wrong" to know of "servers containing malicious chips or changes in data centers based in China," or to have "worked with the FBI to investigate or provide data on malicious material ". Apple is just as definitive. Bloomberg: "In this regard, we can be very clear: Apple has never found malicious chips," hardware manipulations "or vulnerabilities deliberately created on a server."
Apple staff separately told BuzzFeed News that the company had conducted a detailed investigation of the Bloomberg report and found no corroborating evidence:
"We tried to find out if there was anything, no matter whatit's been very close to that, "a senior security officer at Apple told BuzzFeed News. "We did not find anything."
A security engineer directly involved in Apple's internal investigation described the procedure as endoscopic, pointing out that she had never seen a chip similar to that described in the story, let alone found. "I do not know if anything like this even exists," said this person, pointing out that Apple did not have a smart or a malicious motherboard to examine. "We were not given anything. No material. No chips. No emails. "
DHS backs them up. In their statement, the agency wrote: "The Department of Homeland Security is aware of information reported by the media regarding a compromise on the technology supply chain. Like our UK partners, the National Cyber Security Center, we have no reason at this time to doubt the statements of the companies cited in the story. "Of course, this suggests the possibility that a strange wording is going on, and the statement continues to say that DHS has recently launched" several initiatives between government and industry aimed at developing solutions to short and long term to manage the risks posed by the complex challenges posed by increasingly global supply chains.
According to Reuters, Bruce Sewell, recently retired Chief Apple Lawyer, said that after learning about Bloomberg's investigation last year, he was reassured by then-FBI General Counsel James Baker that the report had no substance.
"I phoned him personally and said," Do you know anything about this? "Sewell told Reuters." He said, "I've never heard of that, but give me 24 hours to be sure." He called me back 24 hours later and said: "No one here knows what this story is about."
The denials made by the companies involved, as well as government agencies, have led to speculation that the original Bloomberg report was planted or otherwise inaccurate, or that it was quietly concealed for national security reasons. . As the registry wrote, the denials of Apple and Amazon were exceptionally firm, and it is possible that government sources played the threat too much – although the site also found "inconceivable that [Bloomberg] would publish such a huge story that was not waterproof. A refusal from DHS certainly adds another twist to this story, although it remains to be seen if, under all fumes, there was a real fire.
[DHS]Source link
